New CIRCIA Bill and the 3 Steps Financial CIOs Can Take to Prepare
Attitudes toward cybersecurity responsibility are shifting worldwide. Impacts of successful breaches can be seen across the globe, challenging nearly every public and private industry. The financial services sector needs to be especially vigilant and prepare ahead of time for upcoming regulation changes that could further impact incident reporting procedures.
Earlier this year, Costa Rica declared a state of emergency after its Finance Ministry was targeted in a ransomware attack carried out by the group known as Conti. The ransomware hold brought the country to its knees for nearly a month, with more than 27 infrastructure-supporting institutions unable to fully operate. This attack limited the country’s ability to collect taxes, froze payroll for thousands of public employees, and even paralyzed foreign trading. Costa Rica’s troubles could be linked almost directly to shortcomings of the previous administration; underinvestment in cybersecurity and insufficient incident reporting.